This disclosure relates to Digital Rights Management (DRM) for protection of audio and/or video data in a playback device such as a computer or computing device or audio or video media player. DRM refers to standards and proprietary systems where a content item has associated data that specifies user rights. The protection of digital content transferred between computers over a network and transferred from a computer or other host device or a server to an associated playback device is important for many organizations. The DRM process often involves encrypting the pieces of content (e.g., encrypting the binary form of the content) to restrict usage to those who have been granted a right to the content, which is typically pieces of music or video programs.
Cryptography is the traditional protection method, but for many digital file transfer situations, a party that legitimately receives the content might try to break the DRM protection scheme, so as to give illicit access to third parties or himself. Hence, an identified weak link in the DRM security is in the overall process, rather than the encryption scheme. For instance, one of the more successful DRM schemes distributes music and video content via the Internet. The DRM system distributes to a user's computer content that has been encrypted. The user's computer then decrypts the received content, generates local keys for encrypting the content, and uses the local keys to re-encrypt the content. Typically, the content in encrypted form may also be downloaded, via a local connection such as a USB (universal serial bus) connection, to an associated playback-only device such as an audio or video media player, which similarly decrypts and re-encrypts the content before playing same.
One of the major challenges in Digital Rights Management is the implementation of time enforcement. There is a time-dependent factor in many applications of DRM, notably in the protection of rental content (such as video programs, movies, etc.). In this scenario, a user purchases the rights to access an item of content for a given period of time such as a month where typically the content is distributed as a digital file over the Internet but including tangible media such as DVDs, CDs, etc. The role of DRM software in this situation is to allow the content to be accessed by the user during the agreed upon period of time and disallow access at any other time. See Vataja, U.S. Publication No. 2005/0204209, published Sep. 15, 2005 and McKune, U.S. Publication No. 2002/0169974, published Nov. 14, 2002, both incorporated herein by reference in their entirety.
Many current DRM schemes have this functionality and enforce it by using a secure time server or hardware clock. When the user tries to access the content using his playback device, the DRM software connects across a network (e.g., the Internet) to a secure time server and queries the current time. If the time returned over the network from the server is within the correct period, the DRM software allows playback. This scheme has a major drawback; the user must be connected to the network at the time of content playback. This restriction is not feasible for certain mobile playback devices without network connectivity, in situations where content needs to be accessed offline and for platforms (playback devices) with no internal secure hardware clock.